from rest_framework import permissions
class IsOwnerOrReadOnly(permissions.BasePermission):
    """
    Custom permission to only allow owners of an object to edit it.
    """

    def has_object_permission(self, request, view, obj):
        # Read permissions are allowed to any request,
        # so we'll always allow GET, HEAD or OPTIONS requests.
        if request.method in permissions.SAFE_METHODS:
            return True

        # Write permissions are only allowed to the owner of the snippet.

        return 'permission' in self.get_user_permissions(request)


    def get_user_permissions(self,request):
        group_list = request.user.groups.all()
        permissions = []
        for group in group_list:
            for permission in group.permissions:
                permissions.append(permission.name)
        return permissions


